Kaspersky releases free tool that scans Linux for known threats

June 1, 2024 at 05:34PM Kaspersky released a new virus removal tool called KVRT for Linux, offering free scanning and removal of malware and known threats. Despite misconceptions about Linux security, recent backdoor examples prove otherwise. KVRT is not real-time protection but scans and cleans malware, adware, and more, supporting various Linux distributions. The tool … Read more

Pakistani ‘Transparent Tribe’ APT Aims for Cross-Platform Impact

May 28, 2024 at 11:33PM A cyber-espionage group, Transparent Tribe, known for targeting government and defense sectors in India, has expanded its tactics to include targeting Linux systems using legitimate software techniques, including Google Drive and Telegram. Despite a history of targeting India, the group has also attacked the US, Europe, and Australia. They utilize … Read more

400K Linux Servers Recruited by Resurrected Ebury Botnet

May 17, 2024 at 12:09PM The Ebury botnet, operating for 15 years, has compromised numerous servers, targeting universities, enterprises, and cryptocurrency traders. It employs tactics to steal credentials, intercept SSH traffic, and pivot towards credit card and cryptocurrency theft. Despite the imprisonment of a key perpetrator, Ebury’s operators remain active and pose ongoing challenges for … Read more

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

May 17, 2024 at 05:33AM The Kimsuky APT group, associated with North Korea’s Reconnaissance General Bureau, has been observed deploying the Gomir backdoor on Linux to target South Korean organizations. The malware shares extensive code with GoBear and is distributed through trojanized security programs. The campaign highlights the preference for software installation packages as infiltration … Read more

Spies Among Us: Insider Threats in Open Source Environments

May 7, 2024 at 10:51AM A critical vulnerability in XZ Utils raised comparisons to the SolarWinds hack and highlighted the power of the open source community in averting a disaster. However, it also raised questions about security and trust within the ecosystem. The incident suggests the need for stricter security measures and consideration of internal … Read more

New Spectre v2 attack impacts Linux systems on Intel CPUs

April 10, 2024 at 01:24PM Researchers have developed the first native Spectre v2 exploit, affecting Linux systems on modern Intel processors. The discovery highlights the ongoing challenge of balancing performance optimization with security. Spectre V2 leverages speculative execution, leaving traces of sensitive data in CPU caches, and introduces security risks. Various entities are responding with … Read more

What can be done to protect open source devs from next xz backdoor drama?

April 6, 2024 at 12:18PM A recently discovered sophisticated backdoor in the xz software library raised concerns about the security of open-source code. The backdoor could allow remote control over infected systems, highlighting the risks of widely used code. Experts debate whether large corporations should contribute to securing such code. Join the Kettle series for … Read more

New XZ backdoor scanner detects implant in any Linux binary

April 2, 2024 at 10:38AM Binarly, a firmware security firm, has released a free online scanner to detect Linux executables affected by the XZ Utils supply chain attack, identified as CVE-2024-3094. The attack was discovered by a Microsoft engineer and the scanner aims to address this issue. It employs static analysis of binaries to identify … Read more

‘WallEscape’ Linux Vulnerability Leaks User Passwords

April 1, 2024 at 12:30PM Security researchers have disclosed a new vulnerability, named CVE-2024-28085 or ‘WallEscape’, affecting the ‘wall’ command in the util-linux package on Linux systems. Exploiting this flaw could potentially leak user passwords and manipulate the clipboard. This security defect impacts Ubuntu 22.04 and Debian Bookworm, with potential for account takeover, but does … Read more

Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor

April 1, 2024 at 10:06AM Multiple major Linux distributions have been hit by a supply chain attack through XZ Utils data compression library, resulting in a backdoor for unauthenticated access. The attack affects various Linux distributions, with tools available to detect the malicious library. Reverting to an untainted version of XZ Utils eliminates the threat, … Read more